Skip to content

Commit

Permalink
[ELY-2493] Upgrade jackson-databind to 2.13.4 to address CVE-2022-42004
Browse files Browse the repository at this point in the history
  • Loading branch information
@Skyllarr
Skyllarr committed Nov 24, 2022
1 parent b313f4e commit b6f942f
Showing 1 changed file with 3 additions and 2 deletions.
5 changes: 3 additions & 2 deletions pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -56,7 +56,8 @@

<properties>
<jdk.min.version>11</jdk.min.version>
<version.com.fasterxml.jackson>2.13.3</version.com.fasterxml.jackson>
<version.com.fasterxml.jackson>2.13.4</version.com.fasterxml.jackson>
<version.com.fasterxml.jackson.databind>${version.com.fasterxml.jackson}.2</version.com.fasterxml.jackson.databind>
<version.commons-cli>1.4</version.commons-cli>
<version.io.smallrye.jwt>3.1.1</version.io.smallrye.jwt>
<version.jakarta.enterprise>2.0.2</version.jakarta.enterprise>
Expand Down Expand Up @@ -1041,7 +1042,7 @@
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-databind</artifactId>
<version>${version.com.fasterxml.jackson}</version>
<version>${version.com.fasterxml.jackson.databind}</version>
</dependency>
<dependency>
<groupId>org.bitbucket.b_c</groupId>
Expand Down

0 comments on commit b6f942f

Please sign in to comment.